# Claude Code Security Review — PR Audit Action

> Claude Code Security Reviewer is a GitHub Action that scans PR diffs for security issues and comments findings on the PR using a Claude API key.

## Install

Save the content below to `.claude/skills/` or append to your `CLAUDE.md`:

## Quick Use

1. Add `.github/workflows/security.yml`:

```yaml
name: Security Review

permissions:
  pull-requests: write
  contents: read

on:
  pull_request:

jobs:
  security:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha || github.sha }}
          fetch-depth: 2
      - uses: anthropics/claude-code-security-review@main
        with:
          comment-pr: true
          claude-api-key: ${{ secrets.CLAUDE_API_KEY }}
```

2. Add `CLAUDE_API_KEY` as a repo secret.
3. Open a PR and confirm the action posts findings as PR comments.

## Intro

Claude Code Security Reviewer is a GitHub Action that scans PR diffs for security issues and comments findings on the PR using a Claude API key.

- **Best for:** repos that want a diff-aware security pass on every PR before merging (especially backend/services)
- **Works with:** GitHub Actions, PR comment permissions, Claude API key secrets, trusted PR workflows
- **Setup time:** 8 minutes

## Practical Notes

- Diff-aware mode: README says it analyzes changed files for PRs (not full repo)
- Default model input in README references Opus 4.1 and a 20-minute ClaudeCode timeout (configurable)

## Using It Without Shooting Yourself in the Foot

AI security review is most useful when it’s **diff-scoped** and the repo has clear trust boundaries.

Recommended rollout:

- Enable it on internal PRs first (or require maintainer approval for external contributors) to reduce prompt-injection risk.
- Treat findings as a review aid, not an automatic block, until you calibrate false positives.
- Keep the action’s permissions minimal: it needs PR comment write access, not repo write access.

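
One way to express the "internal PRs first" and "minimal permissions" recommendations in the workflow itself, as an added example that is not taken from the action's README or from this page's source. The workflow name, the `skipped-notice` job and its message text are assumptions; the action inputs are the ones shown in Quick Use.

```yaml
# Added example: run the review only for PRs whose head branch lives in this repo.
name: Security Review (trusted PRs only)   # assumed name

on:
  pull_request:   # on this event, workflows triggered from forks do not receive repository secrets

# Deny all token scopes by default; each job opts in to what it needs.
permissions: {}

jobs:
  security:
    # Trusted-PR gate: skip when the head repository differs from the base repository (a fork).
    if: github.event.pull_request.head.repo.full_name == github.repository
    runs-on: ubuntu-latest
    permissions:
      pull-requests: write   # post findings as PR comments
      contents: read         # read the diff; no repo write access
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha || github.sha }}
          fetch-depth: 2
      - uses: anthropics/claude-code-security-review@main
        with:
          comment-pr: true
          claude-api-key: ${{ secrets.CLAUDE_API_KEY }}

  # Assumed helper job: make the skip visible so reviewers know no automated pass ran.
  skipped-notice:
    if: github.event.pull_request.head.repo.full_name != github.repository
    runs-on: ubuntu-latest
    steps:
      - run: echo "Security review skipped (PR head is a fork); manual security review required." >> "$GITHUB_STEP_SUMMARY"
```

With this gate, fork PRs are skipped cleanly instead of failing on a missing `CLAUDE_API_KEY`, and the job summary tells the maintainer that a manual review is still owed.
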
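The README also documents customization via files (for example custom scan instructions and false-positive filtering). Adopt that once your team agrees on a “house style” for security comments.

### FAQ

**Q: Does it scan the whole repo?**
A: For PRs it focuses on changed files/diffs (per README).

**Q: Is it hardened against prompt injection?**
A: The README explicitly warns it is not; use trusted PR policies.

**Q: How do I tune false positives?**
A: Use the provided inputs for custom instructions / filtering files.

## Source & Thanks

> Source: https://github.com/anthropics/claude-code-security-review
> License: MIT
> GitHub stars: 4,568 · forks: 430

---

## Quick Use

1. Add `.github/workflows/security.yml`:

```yaml
name: Security Review

permissions:
  pull-requests: write
  contents: read

on:
  pull_request:

jobs:
  security:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha || github.sha }}
          fetch-depth: 2
      - uses: anthropics/claude-code-security-review@main
        with:
          comment-pr: true
          claude-api-key: ${{ secrets.CLAUDE_API_KEY }}
```

2. Add `CLAUDE_API_KEY` to the repository's Secrets.
3. Open a PR and confirm the Action posts its security findings (comments/suggestions) on the PR.

## Intro

Claude Code Security Reviewer is a GitHub Action: it analyzes only the changed files of a PR, outputs security issues with suggested fixes, and automatically comments them back on the PR (requires CLAUDE_API_KEY).

- **Best for:** repos that want a "diff-only" security check on every PR before merging (especially backend/services)
- **Works with:** GitHub Actions, PR comment permissions, Claude API key secrets, trusted PR workflows
- **Setup time:** 8 minutes

## Practical Notes

- Per the README: for PRs it analyzes only changed files (diff-aware), avoiding the cost and noise of a full-repo scan
- The README gives a default timeout of 20 minutes and provides a model-name parameter (adjustable as needed)

## Using It Without Getting Burned

AI security review fears two things most: a scope so large that the noise explodes, and trust boundaries so unclear that prompt injection leads it around.

A steadier rollout path:

- Enable it first on internal PRs or in an "external contributions require approval" mode, to reduce the attack surface.
- Treat it as a review aid at first and do not automatically block merges from the start; calibrate the false-positive rate first.
- Keep permissions as minimal as possible: writing PR comments is enough; repo write access is not needed.

The README also supports tuning scans and false-positive filtering with custom instruction files; adopt these gradually once the team has settled on a "security comment style".

### FAQ

**Does it scan the whole repo?**
A: Per the README, for PRs it mainly targets changed files/diffs rather than the whole repo.

**Can it resist prompt injection?**
A: The README explicitly states that it is not hardened; use it only under a trusted PR policy.

**How do I reduce false positives?**
A: Use the custom scan/filter instruction file inputs the Action provides to tune it.

## Source & Thanks

> Source: https://github.com/anthropics/claude-code-security-review
> License: MIT
> GitHub stars: 4,568 · forks: 430

---

Source: https://tokrepo.com/en/workflows/claude-code-security-review-pr-audit-action
Author: Script Depot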